Results 1 to 3 of 3

Thread: Fizzer virus secrets revealed

  1. #1
    Senior Member
    Join Date
    Nov 2002
    Posts
    382

    Fizzer virus secrets revealed

    This weekend, the IRC/Unity group discovered that access to computers infected by the Fizzer worm is regulated by a three-letter nickname, which is generated by an algorithm that depends on the current date. A person who knows the nickname can issue commands to any computer that's compromised by the virus and listening to the current chat channel.

    Several IRC operators have started using the information to command any PC infected with the virus that connects to their network to uninstall itself.

    "A lot of networks are actively sending out the command to all IRC Fizzer clients," said McGarrigle. "When they send the uninstall command, it leaves no trace of the bot."

    Full article here

    Using the bot itself do uninstall it, what a smart idea ....
    [shadow] SHARING KNOWLEDGE[/shadow]

  2. #2
    what a great day we live in, we can now delete the virus using the same backdoors someone else puts on, might have been easyer for them to use a password =p
    sectac
    The Hack Back Revolution
    irc.dal.net:#guesswhatyourhacked

  3. #3

    Cool

    The scary angle on this is that next time, it may not be so easy. Whoever release Fizzer probably now knows what the weaknesses are, and will make the necessary modifications to more tighly secure the infections once done. Yeah, we have a nifty way to nail the infections now.

    We were able to avoid infection by this primarily because of vigilance and keeping systems current and as secure as possible. A new zero-day infection that gets in under the anti-virus screen, and is better armored, would be a real challenge.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •